Win64/Intel.A NIC_Intel_firmware IQVW64e.sys


Solved by itman

Hello,

I am constantly receiving this detection. I know this has also been marked as a vulnerability: NVD - CVE-2015-2291 (nist.gov)


C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\NIC_Intel_Firmware\iqvw64e.sys;Win64/Intel.A potentially unsafe application;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\miniunz.exe

Upgraded the Endpoint version and scanned; detections are deleted but it recurs.

There isn't any DUP (Dell Update Package); the NIC is a Broadcom, not an Intel.

Please advise how to clean it up once and for all.


  • Administrators

If the application miniunz.exe is trusted and you run it on purpose, you can create a detection exclusion for the detected file. It can be misused only when used by an attacker or malware.


56 minutes ago, Marcos said:

If the application miniunz.exe is trusted and you run it on purpose, you can create a detection exclusion for the detected file. It can be misused only when used by an attacker or malware.

Thanks for your reply, Marcos.

But it's auto-downloading/installing; I never run miniunz.exe.
Just wanted to know if this might be a false positive?


  • Solution
3 hours ago, RobFIT said:

But it's auto-downloading/installing; I never run miniunz.exe.

Copy the hash value from the entry ESET quarantined. Then go to VirusTotal.com and perform a scan based on the hash value. If there are multiple AV vendor detections at VT, assume the file being downloaded is malicious.

CVE-2015-2291 tracks to an Intel Ethernet diagnostic driver vulnerability. I have linked Intel's article about it, which includes a patched updated driver: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html. I suggest you apply the driver update ASAP.

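For triaging a recurring detection like the one in this thread, the following added example (not code from any poster or from ESET) parses exported detection lines and groups them by dropped file, creating executable and staging folder, so you can see whether every recurrence comes from the same source. The field order is assumed from the single log line quoted in the first post, and the second sample line is constructed.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Sample input: the first line is the detection quoted in the thread; the
# second is CONSTRUCTED (same event, placeholder GUID) to model a recurrence.
SAMPLE_LOG = r"""
C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\NIC_Intel_Firmware\iqvw64e.sys;Win64/Intel.A potentially unsafe application;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\Temp\a1d4d890-a36f-4104-8dfa-041c3f82fd6d\miniunz.exe
C:\Windows\Temp\00000000-0000-0000-0000-000000000000\NIC_Intel_Firmware\iqvw64e.sys;Win64/Intel.A potentially unsafe application;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\Temp\00000000-0000-0000-0000-000000000000\miniunz.exe
"""

# Assumption: fields are object;detection;action;user;info, as in the quoted line.
CREATOR_RE = re.compile(r"created by the application:\s*(.+)$")

def parse_detection(line):
    """Split one semicolon-separated detection line into named fields."""
    parts = [p.strip() for p in line.split(";", 4)]
    if len(parts) != 5:
        return None  # blank or malformed line
    obj, detection, action, user, info = parts
    m = CREATOR_RE.search(info)
    return {
        "object": PureWindowsPath(obj),
        "detection": detection,
        "action": action,
        "user": user,
        "creator": PureWindowsPath(m.group(1)) if m else None,
    }

def summarize(log_text):
    """Count detections per (dropped file, creating exe, staging root)."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_detection(line)
        if rec is None or rec["creator"] is None:
            continue
        # The creator sits in a per-run GUID folder; its parent is the
        # stable staging root shared by every recurrence.
        root = str(rec["creator"].parent.parent)
        counts[(rec["object"].name.lower(), rec["creator"].name.lower(), root)] += 1
    return counts

if __name__ == "__main__":
    for (dropped, creator, root), n in summarize(SAMPLE_LOG).items():
        print(f"{n}x {dropped} created by {creator} under {root}")
```

A single group with a changing GUID folder, as in the sample, means the same unpacker runs repeatedly under the logged account, so the next step is identifying what launches it rather than re-scanning.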

On 7/19/2022 at 4:56 PM, itman said:

Copy the hash value from the entry ESET quarantined. Then go to VirusTotal.com and perform a scan based on the hash value. If there are multiple AV vendor detections at VT, assume the file being downloaded is malicious.

CVE-2015-2291 tracks to an Intel Ethernet diagnostic driver vulnerability. I have linked Intel's article about it, which includes a patched updated driver: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00051.html. I suggest you apply the driver update ASAP.

Thanks, buddy. Will test it. Sorry for the late reply.
